So to start I will explain why I'm trying to do that, as it sounds stupid at first.
I have a location with a MT used as a WG client. The throughput is around ~1Mb/s (sic!) despite the network having plenty of bandwidth. When two connections are made the bandwidth is EXACTLY 2x1Mb/s. It turns out the ISP throttles UDP connections based on src-port. I've got a confirmation that it's the case but they're not gonna change that because... reasons. As there are no other ISPs to pick I needed to get creative.
ROS firewall allows for matching n-th packets, so I was wondering how can I change src-port for packets originating at the router? As far as I can see it can only be done in the NAT. However not every packet hits src-nat. Only the first packet hits my src-nat rule and then "connection" is stuck forever in Firewall -> Connections (even with tracking disabled).
Are there any other clever ways of changing src-port of packets except NAT src-nat? I tried marking the packet as "no track" but it can only be seen in Raw -> Output which I believe is too late as it does nothing.